On 2011-10-17 20:53, Eran Hammer-Lahav wrote:
All I agree with is to limit the scope character-set in the v2 spec to the subset of ASCII allowed in HTTP header quoted-string, excluding " and \ so no escaping is needed, ever. ...
I noticed that this hasn't been done yet, but the bearer spec, for which publication was just requested, kind of assumes it *will* be done.
Are mechanisms in place to ensure that this change indeed happens? Best regards, Julian _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
